Multi-channel geo-fencing system and method

ABSTRACT

Systems and methods of adjusting computing device applications, such as smartphone applications, based on external beacon identifiers are described. Based on the identifier of the beacon detected by the smartphone, the smartphone application communicates with a backend server to receive location-specific information based on the identifier of the detected beacon. The location-specific information includes a location-specific user interface. In some arrangements, the location-specific user interface includes a designated user authentication level that varies from other location-specific user interfaces.

CROSS-REFERENCE TO RELATED PATENT APPLICATIONS

This application is a continuation of and claims priority to U.S. patentapplication Ser. No. 14/569,131, entitled “MULTI-CHANNEL GEO-FENCINGSYSTEMS AND METHODS,” filed on Dec. 12, 2014, which claims the benefitof and priority to U.S. Provisional Patent Application No. 62/076,724,filed Nov. 7, 2014, both of which are incorporated herein by referencein their entireties and for all purposes.

BACKGROUND

Generally, computing applications, such as smart phone applications, canbe tailored to present different interfaces and information to users fordifferent purposes. The different interfaces and information may relateto different services offered by a business. For example, a bankingapplication may present different interfaces depending on the desiredbanking service the customer is accessing via the banking application.The banking application may present a first interface for viewingaccount balances, a second interface for locating the nearest ATMs orbranches, a third interface for executing transfers between accounts, afourth interface for paying bills, and so on. To switch between theinterfaces, the customer selects the desired service through the userinterface and the requested interface is loaded (e.g., by interactingwith a graphical user interface presented on a touchscreen display).

SUMMARY

One embodiment relates to a method of remotely configuring a bankingapplication based on a detected location of a computing device runningthe banking application. The method includes receiving, by a processorof a banking system, a first beacon identifier relating to a firstlocation of the computing device. The method further includesdetermining, by the processor, the first location of the computingdevice based on the first beacon identifier, the first beacon identifierassociated with a first determined location of a plurality of locations,wherein each of the plurality of locations is associated with anassociated graphical user interface. The method includes transmitting,by the processor, a first graphical user interface associated with thedetermined location. The method further includes receiving, by theprocessor, authentication information relating to a user of thecomputing device. The method includes authenticating, by the processor,the user to access the first graphical user interface based on thereceived authentication information. The method further includestransmitting, by the processor, an authentication decision to thecomputing device, the authentication decision instructs the computingdevice that the user is permitted to access the first user interface.

Another embodiment relates to a banking system. The banking systemincludes a first beacon configured to transmit a first beaconidentifier, the first beacon identifier transmitted at a first broadcastradius, the first broadcast radius geo-fencing a first area of aphysical location. The banking system further includes a backend systemcomprising a processor and a memory. The backend system is configured toreceive the first beacon identifier from a computing device. The backendsystem is further configured to determine a first device location of thecomputing device to be the first area of the physical location based onthe first beacon identifier. The backend system is configured totransmit a first graphical user interface associated with the first areaof the physical location. The backend system is further configured toreceive authentication information relating to a user of the computingdevice. The backend system is configured to authenticate the user toaccess the first graphical user interface based on the receivedauthentication information. The backend system is further configured totransmit an authentication decision to the computing device, theauthentication decision instructs the computing device that the user ispermitted to access the first user interface.

Yet another embodiment relates to a non-transitory computer readablemedia having computer-executable instructions embodied therein that,when executed by a processor of a backend banking system, cause thebackend banking system to perform a banking method. The media includescomputer-executable instructions that cause the backend system toreceive a first beacon identifier relating to a first location of thecomputing device. The media further includes computer-executableinstructions that cause the backend system to determine the firstlocation of the computing device based on the first beacon identifier,the first beacon identifier associated with a first determined locationof a plurality of locations, wherein each of the plurality of locationsis associated with an associated graphical user interface. The mediaincludes computer-executable instructions that cause the backend systemto transmit a first graphical user interface associated with thedetermined location. The media further includes computer-executableinstructions that cause the backend system to receive authenticationinformation relating to a user of the computing device. The mediaincludes computer-executable instructions that cause the backend systemto authenticate the user to access the first graphical user interfacebased on the received authentication information. The media furtherincludes computer-executable instructions that cause the backend systemto transmit an authentication decision to the computing device, theauthentication decision instructs the computing device that the user ispermitted to access the first user interface.

These and other features, together with the organization and manner ofoperation thereof, will become apparent from the following detaileddescription when taken in conjunction with the accompanying drawings.

BRIEF DESCRIPTION OF THE FIGURES

FIG. 1 is a block diagram of a computing system for a financialinstitution according to an exemplary embodiment.

FIG. 2 is a block diagram of the user device according to an exemplaryembodiment.

FIG. 3 is a block diagram of a beacon according to an exemplaryembodiment.

FIGS. 4 through 6 are diagrams of three different scenarios involvingtwo locator beacons and a user device.

FIG. 7 is an overhead view of a bank branch according to an exemplaryembodiment.

FIG. 8 is a flow diagram of a method of updating an applicationinterface based on a detected location of a user device within ageo-fenced area of a financial institution according to an exemplaryembodiment.

DETAILED DESCRIPTION

Referring to the figures generally, systems and methods of adjustingcomputing device applications, such as smartphone applications, based onexternal beacon identifiers are described. Based on the identifier ofthe beacon detected by the smartphone, the smartphone applicationcommunicates with a backend server to receive location-specificinformation based on the identifier of the detected beacon. Thelocation-specific information includes a location-specific userinterface. In some arrangements, the location-specific user interfaceincludes a designated user authentication level that varies from otherlocation-specific user interfaces.

Referring to FIG. 1, a block diagram of a computing system 100 for afinancial institution 102 is shown according to an exemplary embodiment.The financial institution 102 includes a physical location 104 that canbe visited by customers. In some arrangements, the physical location 104is a branch for the financial institution 102. The branch may includeteller windows, ATMs, drive-through banking lanes, and the like. Inother arrangements, the physical location 104 is an ATM or a bank ofATMs (e.g., at a mall, on the street, at an airport, etc.). Thefinancial institution 102 provides banking services to a plurality ofcustomers via the physical location 104. The financial institution 102includes a backend system 106. The backend system 106 maintainsdatabases, such as customer account information, for the financialinstitution 102.

The physical location 104 includes any number of computing devices 108.The backend system 106 communicates with the computing devices 108 ofthe physical location 104. The computing devices 108 are used byemployees of the financial institution 102 in providing financialservices to customers. The backend system 106 communicates with thecomputing devices 108 via an internal network or indirectly via anexternal network 110 (e.g., the internet). The computing devices 108include any of desktop computers, laptop computers, tablet computers,PDAs, and the like.

Still referring to FIG. 1, customers of the financial institution 102can access the various services provided by the financial institution102 through user devices 112. The user devices 112 include personalcomputing devices such as desktops, laptops, tablet computers, PDAs,smartphones, portable media devices, and the like. The user devices 112communicate with the backend system 106 of the financial institutionthrough the network 110. The user devices 112 may execute an application(e.g., a smartphone application) that is specific to the financialinstitution 102 or access a website of the financial institution 102maintained by the backend system 106. Via the application or thewebsite, the customer can access various information about his or heraccounts with the financial instruction 102 (e.g., balances, interestrates, etc.), pay bills, view ATM and branch locations, and viewadditional services offered by the financial institution 102.

In some arrangements, a user device 112 is a portable device, such as asmartphone or a tablet computer. In such arrangements, the customer mayvisit the physical location 104 with the user device 112. Depending onthe purpose of the customer's visit to the physical location 104, thecustomer may need to access a service specific interface of theapplication being executed on the user device 112. For example, if thepurpose of the visit is to withdraw cash from an ATM, the customer maybe able to prestage the ATM transaction through an ATM user interface ofthe application. If the purpose of the visit is to make a deposit with ateller of the bank, the customer may be able to prestage the tellertransaction through a teller user interface of the application. Thefinancial institution 102 is able to predict the user interface mostapplicable to the customer's destination based on the location of theuser device 112. Accordingly, the backend system 106 pushes thenecessary user interface and authentication level to the user device 112as described in further detail below.

The physical location 104 of the financial institution 102 includes aplurality of locator beacons 114. Each beacon 114 broadcasts a uniquebeacon identifier within a limited range of the beacon 114. In somearrangements, the beacons 114 are Bluetooth® Low Energy beacons (e.g.,iBeacons®). The limited range of the beacon may have a maximum broadcastrange of approximately 10 meters. The maximum broadcast range may beincreased or decreased by respectively increasing or decreasing thebroadcast power of each beacon 114. Each beacon 114 is positioned withina specific location of the physical location. For example, a firstbeacon may be positioned near an ATM, a second beacon may be positionedwithin a lobby of the physical location 104, a third beacon may bepositioned near a drive-through banking station of the physical location104, a fifth beacon may be positioned near an entrance to the physicallocation 104, and so on. In some arrangements, each location associatedwith the physical location 104 includes a plurality of beacons 114(e.g., a plurality of beacons 114 that geo-fence a large area, aplurality of beacons that designate sub-areas within a single area, suchas individual drive-through lanes, etc.).

Each beacon 114 geo-fences the associated location by broadcasting theunique identifier such that a location aware device (e.g., the userdevice 112) knows it is in a certain location based on the determinedunique identifier. As described in further detail below, when a customerbrings a user device 112 capable of receiving signals from the beacons114, an interface of the application being executed on the user device112 can be customized with location-specific information depending onthe detected beacon identifiers. Additionally, security requirements(e.g., the amount of login information required from the customer toaccess account information) may be altered depending on the detectedbeacon identifiers. In some arrangements, the backend system 106maintains a database of beacon identifiers and associated locations.Each entry in the database includes a beacon identifier (e.g., a serialnumber that is broadcast from the beacon) and an associated location(e.g., an identifier of the physical location and an identifier of theplacement within or outside of the physical location).

Referring to FIG. 2, a block diagram of the user device 112 is shownaccording to an exemplary embodiment. As discussed above, the userdevice 112 is a personal computing device (e.g., a desktop, laptop,tablet computer, PDA, smartphone, portable media device, or the like).The user device 112 includes a housing 202. The housing 202 is coupledto the various electrical components of the user device 112. The userdevice 112 includes a processor 204 and memory 206. The memory 206includes program modules that, when executed by the processor 204,control the operation of the user device 112. The memory 206 may alsostore various applications, such as an application of the financialinstitution 102 that facilitates communication between the user device112 and the various computing systems of the financial institution 102.The memory 204 may include any combination of RAM, ROM, NVRAM, or thelike.

The user device 112 includes at least one network interface 208. Thenetwork interface 208 is a wireless network interface. The wirelessnetwork interface 208 includes any of a cellular transceiver (e.g.,CDMA, GSM, LTE, etc.), a wireless network transceiver (e.g., 802.11X,ZigBee, Bluetooth, etc.), or a combination thereof (e.g., both acellular transceiver and a Bluetooth transceiver). The network interface208 is capable of receiving radio frequency transmissions from thebeacons 114. Additionally, the network interface 208 is capable ofcommunicating with the backend system 106 of the financial institution102 via the network 110 (e.g., the Internet as accessed through acellular data network).

The user device 112 includes a display 210 and a user input/output 212.In some arrangements, the display 210 and the user input/output arecombined (e.g., as a touchscreen display device). In other arrangements,the display 210 and the user input/output 212 are discrete devices. Theuser input/output 212 includes any of speakers, keyboards, notificationLEDs, microphones, biometric sensors (e.g., fingerprint scanners),buttons, switches, cameras, or a combination thereof.

In some arrangements, the user device 112 includes a location sensor214. The location sensor 214 may be used to supplement locationinformation determined based on the received beacon identifiers.

The user device 112 includes a power source 216. The power source 216may include any combination of grid power and battery power (e.g.,alkaline batteries, rechargeable batteries, etc.). In arrangements wherethe power source 216 is a rechargeable battery, the user device 112 alsoincludes the necessary circuitry to recharge the battery.

Referring to FIG. 3, a block diagram of a beacon 114 is shown accordingto an exemplary embodiment. The beacon 114 includes a housing 302 thatis coupled to various electrical components. The beacon 114 includes aprocessor 304 and memory 306. The memory 306 includes program modulesthat, when executed by the processor 304, control the operation of thebeacon 114. The memory 304 may include any combination of RAM, ROM,NVRAM, or the like. The unique beacon identifier of the beacon 114 isprogrammed into the memory. The beacon 114 includes a radio frequencytransmitter 308. The transmitter 308 may be a Bluetooth® transmitter308. In some arrangements, the transmitter 308 is a transceiver capableof sending and receiving radio frequency transmissions. The beacon 114includes a power source 310. The power source 310 may include anycombination of grid power and battery power (e.g., alkaline batteries,rechargeable batteries, etc.). In some arrangements where the powersource 310 is a battery, the beacon 114 is capable of transmitting theunique beacon identifier for at least a year without replacing orrecharging the battery.

Referring to FIGS. 4 through 6, three different scenarios involving twolocator beacons 402 and 404 and a user device 112 are described. In thefollowing scenarios, the first beacon 402 is positioned near an ATM ofthe financial institution 102 and the second beacon 404 is positioned ina branch lobby of the financial institution 102. Although shown ashaving substantially the same broadcast radius R, each of the beacons402 and 404 may be configured to have different broadcast radii byincreasing or decreasing the broadcast transmission power. Additionally,the shape of the broadcast region 406 for each of the beacons 402 and404 may be shaped into a noncircular shape by placing a shield (e.g., amaterial that is impermeable to radio frequency transmissions) arounddesignated portions of the beacons 402 and 404. The beacon's broadcastregions 406 are shown as being substantially the same for ease ofdescribing the following scenarios. As described in further detailbelow, depending on the received beacon identifier (or lack thereof), anapplication of the financial institution 102 that is being executed bythe user device 112 may present a different user interface and/orrequire a different level of authentication (e.g., the amount ofacceptable risk may vary depending on the type of transaction associatedwith the identified location).

Referring to FIG. 4, the user device 112 is not within range of eitherof the beacons 402 and 404. As shown, the user device 112 is positionedoutside of the broadcast regions 406 for each of the beacons 402 and404. Accordingly, the user device 112 does not receive a uniqueidentifier from either beacon 402 or beacon 404. If the user accessesthe financial institution application being executed by the user device112, the user is taken to the standard home screen of the application(e.g., a normal logon interface, the previous interface left open by theuser, etc.). The standard home screen is associated with a firstauthentication level. In some arrangements, the first authenticationlevel requires the user to enter a username and a password to gainaccess to the user's account information via the financial institutionapplication. The first authentication level may require additionalinformation, such as providing a biometric, the entering of a PIN,answering a security question, or a combination thereof.

Referring to FIG. 5, the user device 112 is within the range of thefirst beacon 402 and not the second beacon 404. Since the user device112 is in the broadcast region 406 of the first beacon 402, the userdevice 112 receives the unique identifier of the first beacon 402 (e.g.,a unique identification number). The financial institution applicationbeing executed by the user device 112 transmits the received uniqueidentifier to the backend system 106 of the financial institution 102.The backend system 106 returns a location-specific interface to theapplication. As noted above, the first beacon 402 geo-fences an ATM.Accordingly, the location-specific interface relates to the ATM.Additionally, the backend system 106 returns a second authenticationlevel to the application. In some arrangements, the secondauthentication level is different than the first authentication level.For example, to access the location-specific interface relating to theATM, the user may be required to enter the user's account PIN instead ofhaving to enter both a username and password. The second authenticationlevel may be associated with all ATMs operated by the financialinstitution 102. In other arrangements, the authentication levelassociated with the first beacon 402 varies based on a user history. Forexample, in some arrangements, the backend system 106 stores userhistory information (e.g., which ATMs/branches the user visits, howoften the user visits certain areas, visit patterns, etc.). In sucharrangements, if the ATM associated with the first beacon 402 is an ATMthe user typically visits, the second authentication level may be lowerthan the first authentication level. If the ATM associated with thefirst beacon 402 is an ATM the user does not typically visit, the secondauthentication level may be the same or higher than the firstauthentication level.

Referring to FIG. 6, the user device 112 is within the range of thesecond beacon 404 and not the first beacon 402. Since the user device112 is in the broadcast region 406 of the second beacon 404, the userdevice 112 receives the unique identifier of the second beacon 404(e.g., a unique identification number). The financial institutionapplication being executed by the user device 112 transmits the receivedunique identifier to the backend system 106 of the financial institution102. The backend system 106 returns a location-specific interface to theapplication. As noted above, the second beacon 404 geo-fences a branchlobby area of the physical location 104. Accordingly, thelocation-specific interface relates to the physical location 104 (e.g.,services offered at that particular location, hours, employees, etc.).Additionally, the backend system 106 returns a third authenticationlevel to the application. In some arrangements, the third authenticationlevel is different than the first and second authentication levels. Forexample, to access the location-specific interface relating to thephysical location 104, the user may not be required to enterauthentication information because the presented user interface merelyprovides information relating to the physical location 104 instead ofallowing the user to perform or prestage transactions. The thirdauthentication level may be associated with all branch lobbies operatedby the financial institution 102. In other arrangements, theauthentication level associated with the second beacon 404 varies basedon a user history in a similar manner as discussed above.

Still referring to FIG. 6, in some arrangements, the backend system 106also transmits user information to the financial institution computingdevices 108. For example, the financial institution computing devices108 may include a tablet computing device used by a greeter of thefinancial institution (e.g., an employee that welcomes customers as theyenter the lobby of the physical location). In such arrangements, thebackend system 106 may transmit a picture of the user and the user'sname associated with the user device 112 to the table computing deviceused by the greeter such that the greeter can greet the customer by nameas they enter the lobby. The same information may be transmitted tocomputing devices used by tellers employed at the physical location 104.Providing this information to the employees of the financial institution102 provides a more personalized service to the customers of thefinancial institution 102.

Referring to FIG. 7, an overhead view of a bank branch 700 is shownaccording to an exemplary embodiment. The bank branch 700 may be thephysical location 104 of the financial institution 102 as describedabove. The bank branch 700 includes a plurality of different customerareas, including an ATM area 702, a lobby area 704, and a drive-througharea 706. Each customer area is geo-fenced with at least one beacon 708.Each beacon 708 is similar to any of beacons 114, 402, or 404 instructure and function. Each of the beacons 708 has a broadcast radius710. The broadcast radius 710 of each of the beacons 708 may be varied(e.g., by varying the broadcast power of each beacon) and shapes (e.g.,by using signal shaping shields). In some arrangements, the broadcastradii 710 of multiple beacons 708 overlap (e.g., as shown in thedrive-through area 706). In other arrangements, the broadcast radii 710of multiple beacons 708 do not overlap (e.g., as shown in the ATM area702). As described above, based on the received beacon identification ofa customer device (e.g., user device 112) a different user interface ispresented to a user of the customer device.

Each customer area may be subdivided into multiple subareas. Forexample, each ATM within the ATM area 702 may be associated with anindividual beacon (e.g., one beacon 710 for each ATM—three beacons forthree ATMs as shown in FIG. 7). Similarly, each drive-through lane inthe drive-through area 702 may be associated with an individual beacon710. Additionally, beacons may be placed upstream of the areas to detectcustomers approaching the areas. For example, beacons may be placed onthe driveway leading up to the drive-through area 702 to detectcustomers approaching the drive-through area. Similarly, beacons may beplaced outside of the lobby area 704 (e.g., in the parking lot of thebank branch 700) to detect customers approaching the lobby area 704.

Customers of the bank branch 700 may carry portable computing devices(e.g., user device 112) that are executing a bank application (e.g., asdiscussed above). Depending on where the portable computing devices arewithin the bank branch 700 (e.g., where the customer is located if thecustomer is carrying the portable computing device), the bankapplication presents different interfaces to the customer and/orrequires a different level of authentication before allowing thecustomer to interact with the bank application.

Referring to FIG. 8, a flow diagram of a method 800 of updating anapplication interface based on a detected location of a user device(e.g., user device 112) within a geo-fenced area of a financialinstitution (e.g., physical location 104, bank branch 700, etc.)according to an exemplary embodiment. The flow diagram details theinteraction between the user device (left-most column), a backend systemof a financial institution (e.g., backend system 106), and financialinstitution devices (right-most column), such as computing devices(e.g., computing devices 108) and beacons (e.g., beacons 114, 402, 404,and 710).

Beacon identifiers are broadcast at 802. The beacon identifiers arebroadcast by beacons positioned within (e.g., in the lobby, in an ATMarea, etc.) and outside of (e.g., in a drive-through area, in theparking lot, etc.) of a financial institution. Each beacon wirelesslybroadcasts a unique beacon identifier (e.g., a serial number) to adistance of a broadcast radius of the beacon. Each beacon is associatedwith an area and geo-fences that area with the broadcasted identifier.Accordingly, the location of devices in receipt of the beacon identifieris known to be within the broadcast range of the beacon associated withthe identifier. The beacons broadcast the unique identifiers viawireless radio frequency (e.g., Bluetooth, Blootooth Low Energy, etc.).

Method 800 continues at 804 when a user device receives a beaconidentifier. The beacon identifier is received at a processor of the userdevice via a wireless receiver (e.g., a Bluetooth transceiver, networkinterface 208, etc.). The received beacon identifier is transmitted at806. The beacon identifier is transmitted by the processor and via thewireless receiver to the backend system. The beacon identifier may betransmitted from the user device to the backend system through theInternet.

The beacon identifier is received from the user device at the backendsystem at 808. The beacon identifier is received at a processor of thebackend system via a network interface of the backend system. Thebackend system compares the received beacon identifier to known beaconidentifiers. In some arrangements, the known beacon identifiers arestored in a database on the backend system. Each entry in the databaseassociates a beacon identifier to a specific location. The specificlocation may be any of a branch location, an ATM location, or anotherphysical location (e.g., a billboard or an advertisement, an autodealership that has a working relationship with the financialinstitution, etc.). Each beacon identifier is associated with a userinterface and an authentication level. The backend system determines thelocation of the user device to be a determined location from a pluralityof locations. Each of the plurality of locations is associated with auser interface and an authentication level.

The user interface and authentication level are determined at 810. Thebanking application running on the user device can be configured withdifferent user interfaces depending on the location of the user device.For example, if the user is entering an ATM area or drive-through areaof a bank, the user interface may relate to an interface that allows theuser to prestage an ATM transaction while the user waits in line. As anadditional example, if the user is approaching the bank from the parkinglot, the user interface may relate to the branch hours, the branchservices, a listing of employees that are currently working at thebranch, and the like. Different user authentication requirements may betied to different interfaces. The user must satisfy the specifiedauthentication requirement prior to providing access to the userinterface. For example, in order to prestage a transaction, a user isrequired to provide a first level of authentication, and in order toview the branch services, hours, and employee list, the user is requiredto provide a second level of authentication. The first level ofauthentication is higher (e.g., more stringent and requires more userinformation) than the second level of authentication. The specific levelof authentication may be based on a level of risk associated with theavailable transactions in the given user interface.

The user interfaces (e.g., button layout, menus, and the like) arestored at the backend system not on the user device. Storing the userinterfaces on the backend system allows the backend system to pushneeded user interfaces, which requires fewer application updates and asmaller amount of available memory on the user device than if theapplication were preloaded with the entire library of user interfaces.Accordingly, the backend system transmits the user interface andauthentication level to the user device at 812. The user interface andauthentication level are received at the user device at 814.

In some arrangements, the backend system transmits user information toat least one financial institution device at 816. The user informationincludes a user name, a user nickname, a user description, the types ofaccounts associated with the user, user family information, or acombination thereof. The user information is received at the financialinstitution device at 818. The financial institution device is acomputing device accessible by employees at the financial institution.For example, in some arrangements, the backend system transmits apicture of a user that is approaching a bank branch and the user's nameto a tablet computer operated by a greeter at the bank branch such thatthe greeter can identify the user walking in and greet the user by name.

Up to 818, the above-described steps may take place without any userinteraction with the user device (other than carrying the user deviceinto range of a beacon). The bank application running on the user deviceinteracts with the backend system and the financial institution beaconsto receive a beacon ID at 804, to transmit the beacon ID at 806, and toreceive the user interface and the authentication information at 814without any user input. For example, a user can leave her smartphone(that is running the bank application) in her purse as she enters a bankbranch, and the backend system can still transmit her information to thegreeter at the bank branch such that the greeter can greet the user byname.

Method 800 continues when the user provides authentication informationat 820. The user provides the authentication information via a userinput of the user device. The authentication information includes any ofa password, a PIN, a user ID, an answer to a verification question, abiometric (e.g., a picture of the user's face, a fingerprint, a voicesample, a retina scan, etc.), an identification of a security image, ora combination thereof. In some arrangements, no user authenticationinformation is required. For example, the user interface pushed by thebackend system based on the user's location does not allow the user toinitiate any transactions or view any account information, so nopassword or user ID entry is required to view the user interface. Insome arrangements, at least a portion of the authentication informationis provided in the form of a customer token and/or a device token storedon the user device. The customer token and device token may be tokensthat identify the user and the associated user device to the backendsystem in the future. The tokens are initially created by and encryptedby the backend system and then transmitted to the user device. Thetokens may be created as part of installing the financial institutionapplication on the user device. After the tokens are created and storedon the user device, the tokens may be used to supplement or as asubstitute for manually entered authentication provided by the user viathe user device. In an example embodiment, each time the user accessesthe backend system with a new user device, the new user device isassigned its own device token. A device and customer token are stored oneach device in order to bind the device to the user (one user device canonly have financial institution user associated with it, but one usercan have multiple user devices). Once a user device is registered withthe user, the user may be required to manually enter less informationduring an authentication process than if the tokens are not present onthe user device. For example, the user may have an online bankingpassword consisting of a combination of eight or ten or more charactersincluding numbers, upper and lower case characters, punctuation marks,and so on. Rather than enter the full online banking password, the usermay only need to enter their existing ATM PIN, device password, or otherinformation to be authenticated via the registered device. Possession bythe user of the registered user device provides an additional level ofauthentication that avoids the need for full login credentials.

The authentication information is transmitted from the user device tothe backend system at 822. The backend system authenticates the user at824. The back end system compares the received authenticationinformation with stored and verified authentication information relatingto the user. If the provided authentication information does not match,the backend system sends a notification to the user device indicatingthe information does not match. In these situations, the user may beprompted to reenter authentication information (e.g., method 800 revertsback to 820). If the provided authentication information matches theverified authentication information, the backend system transmits anauthentication decision to the user device at 826. The authenticationdecision signals to the user device that the user is permitted to accessthe user interface associated with the beacon identifier.

After receiving the authentication decision, the user device renders theuser interface 828. The user interface is a location-specific userinterface that presents different options depending on the location. Asdiscussed above, the user interface may relate to an interface thatallows the user to prestage an ATM transaction while the user waits inline in an ATM area. The user interface may relate to the branchinformation including branch hours, the branch services, a listing ofemployees that are currently working at the branch, and the like. Theuser interface may relate to more information about an advertisement inproximity to the user.

Method 800 is repeated as the user moves throughout the branch.Accordingly, if a second beacon identifier is received at the userdevice and transmitted to the backend system, a second user interfaceand second authentication level is transmitted back to the device. Themethod 800 repeats for each new beacon identifier received by the userdevice.

The above-described systems and methods can be used to push differentuser interfaces based on a device being detected at non-bank branchlocations. For example, a beacon can be embedded in an advertisement ata store (e.g., an auto financing advertisement at a car dealership), andthe application can provide customer specific information relating tothe advertisement (e.g., interest rates available to the customer basedon the customer's accounts with the financial institution). As anotherexample, a beacon can be placed near a billboard that advertises amortgage refinancing option offered by the financial institution. In theexample, the backend system can push a user interface that includescustomer-specific data relating to how much the customer can save byrefinancing with the advertised product.

The above-described systems and methods can also be used with otherlocation-specific identifiers. For example, a customer can program thecustomer's home wireless network SSID into the banking application suchthat whenever the customer is connected to the network having the SSID,the banking application can have a decreased level of authenticationand/or a customized home user interface. Other location-specificidentifiers can be based on wireless network SSIDs, GPS coordinates,GLONASS coordinates

Although the above-described systems and methods are described withrespect to a financial institution, such as a bank, the same or similarsystems and methods may be employed with any type of business that has aphysical location (e.g., a store, an advertisement, etc.).

The above systems and methods may be used for authentication andcross-authentication of any number of parties involved in any number oftransactions. Additionally, the above systems and methods may be used toprovide authentication of individuals and/or entities independent of anypending transactions between the individuals and/or entities.

The embodiments of the present invention have been described withreference to drawings. The drawings illustrate certain details ofspecific embodiments that implement the systems and methods and programsof the present invention. However, describing the invention withdrawings should not be construed as imposing on the invention anylimitations that may be present in the drawings. The present inventioncontemplates methods, systems and program products on anymachine-readable media for accomplishing its operations. The embodimentsof the present invention may be implemented using an existing computerprocessor, or by a special purpose computer processor incorporated forthis or another purpose or by a hardwired system.

As noted above, embodiments within the scope of the present inventioninclude program products comprising machine-readable media for carryingor having machine-executable instructions or data structures storedthereon. Such machine-readable media can be any available media that canbe accessed by a general purpose or special purpose computer or othermachine with a processor. By way of example, such machine-readable mediacan comprise RAM, ROM, EPROM, EEPROM, CD-ROM or other optical diskstorage, magnetic disk storage or other magnetic storage devices, or anyother medium which can be used to carry or store desired program code inthe form of machine-executable instructions or data structures and whichcan be accessed by a general purpose or special purpose computer orother machine with a processor. Combinations of the above are alsoincluded within the scope of machine-readable media. Machine-executableinstructions comprise, for example, instructions and data which cause ageneral purpose computer, special purpose computer, or special purposeprocessing machines to perform a certain function or group of functions.

Embodiments of the present invention have been described in the generalcontext of method steps which may be implemented in one embodiment by aprogram product including machine-executable instructions, such asprogram code, for example in the form of program modules executed bymachines in networked environments. Generally, program modules includeroutines, programs, objects, components, data structures, etc. thatperform particular tasks or implement particular abstract data types.Machine-executable instructions, associated data structures, and programmodules represent examples of program code for executing steps of themethods disclosed herein. The particular sequence of such executableinstructions or associated data structures represent examples ofcorresponding acts for implementing the functions described in suchsteps.

As previously indicated, embodiments of the present invention may bepracticed in a networked environment using logical connections to one ormore remote computers having processors. Those skilled in the art willappreciate that such network computing environments may encompass manytypes of computers, including personal computers, hand-held devices,multi-processor systems, microprocessor-based or programmable consumerelectronics, network PCs, minicomputers, mainframe computers, and so on.Embodiments of the invention may also be practiced in distributedcomputing environments where tasks are performed by local and remoteprocessing devices that are linked (either by hardwired links, wirelesslinks, or by a combination of hardwired or wireless links) through acommunications network. In a distributed computing environment, programmodules may be located in both local and remote memory storage devices.

An exemplary system for implementing the overall system or portions ofthe invention might include a general purpose computing computers in theform of computers, including a processing unit, a system memory, and asystem bus that couples various system components including the systemmemory to the processing unit. The system memory may include read onlymemory (ROM) and random access memory (RAM). The computer may alsoinclude a magnetic hard disk drive for reading from and writing to amagnetic hard disk, a magnetic disk drive for reading from or writing toa removable magnetic disk, and an optical disk drive for reading from orwriting to a removable optical disk such as a CD ROM or other opticalmedia. The drives and their associated machine-readable media providenonvolatile storage of machine-executable instructions, data structures,program modules and other data for the computer. It should also be notedthat the word “terminal” as used herein is intended to encompasscomputer input and output devices. Input devices, as described herein,include a keyboard, a keypad, a mouse, joystick or other input devicesperforming a similar function. The output devices, as described herein,include a computer monitor, printer, facsimile machine, or other outputdevices performing a similar function.

It should be noted that although the diagrams herein may show a specificorder and composition of method steps, it is understood that the orderof these steps may differ from what is depicted. For example, two ormore steps may be performed concurrently or with partial concurrence.Also, some method steps that are performed as discrete steps may becombined, steps being performed as a combined step may be separated intodiscrete steps, the sequence of certain processes may be reversed orotherwise varied, and the nature or number of discrete processes may bealtered or varied. The order or sequence of any element or apparatus maybe varied or substituted according to alternative embodiments.Accordingly, all such modifications are intended to be included withinthe scope of the present invention. Such variations will depend on thesoftware and hardware systems chosen and on designer choice. It isunderstood that all such variations are within the scope of theinvention. Likewise, software and web implementations of the presentinvention could be accomplished with standard programming techniqueswith rule based logic and other logic to accomplish the various databasesearching steps, correlation steps, comparison steps and decision steps.

The foregoing description of embodiments of the invention has beenpresented for purposes of illustration and description. It is notintended to be exhaustive or to limit the invention to the precise formdisclosed, and modifications and variations are possible in light of theabove teachings or may be acquired from practice of the invention. Theembodiments were chosen and described in order to explain the principalsof the invention and its practical application to enable one skilled inthe art to utilize the invention in various embodiments and with variousmodifications as are suited to the particular use contemplated. Othersubstitutions, modifications, changes and omissions may be made in thedesigning of the operating conditions and arrangement of the embodimentswithout departing from the scope of the present invention.

What is claimed is:
 1. A method of remotely configuring an applicationbased on a detected location of a user device running the application,the method comprising: receiving, by a processor of a computing systemand from the user device, a first beacon identifier of a first beaconassociated with a first location of a plurality of locations of a bankbranch and a second beacon identifier of a second beacon associated witha second location of the plurality of locations; determining, by theprocessor, that the user device is at the first location based on thefirst beacon identifier; transmitting, by the processor, a firstgraphical user interface associated with the first location of the userdevice, the first graphical user interface corresponding to a firstauthentication requirement; determining, by the processor, that the userdevice is at the second location based on the second beacon identifier;and transmitting, by the processor, a second graphical user interfaceassociated with the second location of the user device, the secondgraphical user interface corresponding to a second authenticationrequirement, the first authentication requirement and the secondauthentication requirement being different authentication requirements.2. The method of claim 1, wherein a user of the user device gains accessto the first graphical user interface in response to satisfying thefirst authentication requirement.
 3. The method of claim 2, furthercomprising: receiving, by the processor, authentication informationrelating to the user of the user device; authenticating, by theprocessor, the user to access the first graphical user interface basedon the received authentication information and the first authenticationrequirement; and transmitting, by the processor, an authenticationdecision to the user device, the authentication decision instructs thecomputing device that the user is permitted to access the firstgraphical user interface.
 4. The method of claim 1, further comprisingtransmitting, by the processor, customer information relating to a userof the user device to a banking computing device associated with thefirst location.
 5. The method of claim 4, wherein the banking computingdevice is associated with an employee of the bank branch.
 6. The methodof claim 4, wherein the transmitting customer information relating tothe user to the banking computing device associated with the firstlocation occurs without specific user input requesting that the customerinformation be transmitted to the banking computing device.
 7. Themethod of claim 1, further comprising broadcasting, by the first beacon,the first beacon identifier.
 8. The method of claim 1, wherein the firstlocation is associated with an automated teller machine of the bankbranch.
 9. The method of claim 8, further comprising receiving, by theprocessor, a prestaged transaction for the automated teller machine,wherein the prestaged transaction is received from the user device. 10.The method of claim 1, wherein the first graphical user interfacefurther comprises at least one menu.
 11. The method of claim 1, whereinthe different authentication requirements correspond to differentamounts of risk depending on types of transactions associated with thefirst location and the second location.
 12. The method of claim 1,wherein the different authentication requirements correspond to at leastone of different amounts of information used for authentication ordifferent types of information used for authentication.
 13. A bankingsystem comprising: a plurality of beacons each configured to transmit adifferent unique beacon identifier, each of the plurality of beaconsassociated with a location of a plurality of locations of a bank branch,wherein each of the plurality of locations is associated with anassociated graphical user interface; a backend system comprising aprocessor and a memory, the backend system configured to: receive, froma user device, a first beacon identifier of a first beacon of theplurality of beacons and a second beacon identifier of a second beaconof the plurality of beacons, the first beacon associated with a firstlocation of the plurality of locations, the second beacon associatedwith a second location of the plurality of locations; determine that theuser device is at the first location based on the first beaconidentifier and that the user device is at the second location based onthe second beacon identifier; and transmit a first graphical userinterface associated with the first location and a second graphical userinterface associated with the second location to the user device, thefirst graphical user interface corresponding to a first authenticationrequirement, the second graphical user interface corresponding to asecond authentication requirement, the first authentication requirementand the second authentication requirement being different authenticationrequirements.
 14. The system of claim 13, wherein a user of the userdevice gains access to the first graphical user interface in response tosatisfying the first authentication requirement.
 15. The system of claim14, wherein the backend system is further configured to: receiveauthentication information relating to the user of the computing device;authenticate the user to access the first graphical user interface basedon the received authentication information and the first authenticationrequirement; and transmit an authentication decision to the user device,the authentication decision instructs the computing device that the useris permitted to access the first user interface.
 16. The system of claim13, further comprising a banking computing device associated with thebank branch; and wherein the backend system is further configured totransmit customer information relating to a user of the user device tothe banking computing device.
 17. The system of claim 16, wherein thebanking computing device is associated with an employee of the bankbranch.
 18. The system of claim 17, wherein the backend system transmitsthe customer information relating to the user to the banking computingdevice without specific user input requesting that the customerinformation be transmitted to the banking device.
 19. The system ofclaim 13, wherein the second beacon identifier transmitted at a secondbroadcast radius, the second broadcast radius geo-fencing a secondlocation of the plurality of locations of the bank branch.
 20. Thesystem of claim 19, wherein the first beacon has a first broadcastradius that geo-fences the first location.
 21. The system of claim 20,wherein the first broadcast radius is different than the secondbroadcast radius.
 22. The system of claim 13, wherein the first locationis associated with an automated teller machine of the bank branch. 23.The system of claim 22, wherein the backend system is further configuredto receive a prestaged transaction for the automated teller machine,wherein the prestaged transaction is received from the user device. 24.A method of remotely configuring an application based on a detectedlocation of a user device running the application, the methodcomprising: receiving, by a processor of a computing system and from theuser device, a beacon identifier of a beacon, wherein the beacon is oneof a first beacon associated with a bank lobby of a bank branch, asecond beacon associated with an automated teller machine (ATM) of thebank branch, and a third beacon associated with a drive-through area ofthe bank branch; and each of the first beacon, second beacon, and thethird beacon is associated with a different graphical user interface;determining, by the processor, that the user device is at the locationbased on the beacon identifier; and transmitting, by the processor, agraphical user interface associated with the location to the user devicewherein transmitting the graphical user interface comprises transmittingone of a first graphical user interface corresponding to the firstbeacon, a second graphical user interface corresponding to the secondbeacon, or a third graphical user interface corresponding to the thirdbeacon, the first graphical user interface displays information relatingto services offered at the bank lobby, the second graphical userinterface allowing the user to prestage an ATM transaction at the ATM ofthe bank branch, the third graphical user interface allowing the user toprestage an ATM transaction at the drive-through area.